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Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )KI Responsive to communication(s) filed on 28 September 2009 . 
2a )□ This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1- 2, 9-13 and 15-25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E2 Claim(s) 1. 9-10. 13. 16-17. and 22 is/are rejected. 

7) EI Claim(s) 2.11.12.15.18-21 and 23-25 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 
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DETAILED ACTION 

1. Applicant's Request for Continued Examination filed 28 September 2009 
is acknowledged. 

2. Applicant's Amendment filed 27 August 2009 is acknowledged. 

3. Claims 1, 16-18, 20 and 23 have been amended. 

4. Claims 1- 2, 9-13 and 15-25 are pending in the present application. 

Continued Examination Under 37 CFR 1.114 

5. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. 

Allowable Subject Matter 

6. Claims 2, 11-12, 15, 1 8-21 and 23-25 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all 
of the limitations of the base claim and any intervening claims. 
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Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

8. Claims 1 , 9-1 0, 1 3, 1 6-1 7, and 22 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Gullotta et al. (US 6985955 B2) in view of Muhlestein et al. (US 



200301 95942 A1 ) and in further view of Steegmans (US 679921 6 B2). 
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Consider claims 1 and 16. Gullotta et al. discloses a computer implemented 
method for dynamically provisioning computing resources, said method comprising: 
receiving a request for a computing resource, wherein said request is associated with 
an asset; determining an asset classification of said asset, a business value of said 
asset, and a resource classification related to said asset (column 7 lines 45-52), 
wherein said asset classification is at least one of: a public asset, a business 
confidential asset, a private asset, and a secret asset, wherein said business value of 
said asset is one of: a low value, a medium value, and a high value (column 1 8 lines 1 9- 
32), and wherein said resource classification is one of: a trusted classification for 
internal entities and a non-trusted classification for external entities (column 14 lines 3- 
18); and provisioning said computing resource based on said determining step (column 
5 lines 13-35, column 18 lines 34-46, column 11 lines 24-52, and column 12 lines 34- 
53). 

However, Gullotta et al. does not explicitly teach a computer implemented 
method for dynamically provisioning computing resources wherein an asset is assigned 
to one of a plurality of security domains based on a determining step, wherein each 
security domain corresponds to a respective degree of security control; and provisioning 
a computing resource based on said one of said plurality of security domains. 

Muhlestein et al. discloses a method and apparatus for encapsulating a virtual 
filer on a filer wherein each vfiler is assigned to a distinct domain (("Specifically, each 
vfiler is allocated a certain amount, i.e., a subset, of dedicated and distinct units of 
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storage resources, and one or more dedicated and distinct network addresses. Each 
vfiler is also allowed shared access to the common file system on behalf of its client. 
Therefore, interpretations of a security object associated with, e.g., a client accessing 
the common file system may vary among vfilers. To address this, each vfiler is provided 
a vfiler context data structure (hereinafter "vfiler context") including, among other things, 
information pertaining to a unique and distinct security domain of the vfiler to thereby 
enable controlled access to allocated and shared resources of the vfiler. For example, 
the vfiler context of a first vfiler ensures that users or clients of a first security domain 
can use a first set of source and destination network addresses when issuing requests 
to access a first subset of storage resources on the filer. Similarly, the vfiler context of a 
second vfiler ensures that clients of a second security domain may use a second set of 
source and destination network addresses to access a second subset of storage 
resources. Notably, the clients of each security domain are unaware of each other's 
"presence" on the filer and, further, are unable to access each other's storage 
resources. In sum, no data flow exists between vfilers.") paragraphs 0058-0059). 

Gullotta et al. discloses a prior art computer implemented method for dynamically 
provisioning computing resources, said method comprising: receiving a request for a 
computing resource, wherein said request is associated with an asset; determining an 
asset classification of said asset, a business value of said asset, and a resource 
classification related to said asset, wherein said asset classification is at least one of: a 
public asset, a business confidential asset, a private asset, and a secret asset, wherein 
said business value of said asset is one of: a low value, a medium value, and a high 
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value, and wherein said resource classification is one of: a trusted classification for 
internal entities and a non-trusted classification for external entities; and provisioning 
said computing resource based on said determining step upon which the claimed 
invention can be seen as an improvement. 

Muhlestein et al. teaches a prior art comparable method and apparatus for 
encapsulating a virtual filer on a filer wherein each vfiler is assigned to a distinct 
domain. 

Thus, the manner of enhancing a particular device (method and apparatus for 
encapsulating a virtual filer on a filer wherein each vfiler is assigned to a distinct 
domain) was made part of the ordinary capabilities of one skilled in the art based upon 
the teaching of such improvement in Muhlestein et al. Accordingly, one of ordinary skill 
in the art would have been capable of applying this known "improvement" technique in 
the same manner to the prior art computer implemented method for dynamically 
provisioning computing resources, said method comprising: receiving a request for a 
computing resource, wherein said request is associated with an asset; determining an 
asset classification of said asset, a business value of said asset, and a resource 
classification related to said asset, wherein said asset classification is at least one of: a 
public asset, a business confidential asset, a private asset, and a secret asset, wherein 
said business value of said asset is one of: a low value, a medium value, and a high 
value, and wherein said resource classification is one of: a trusted classification for 
internal entities and a non-trusted classification for external entities; and provisioning 
said computing resource based on said determining step of Gullotta et al. and the 
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results would have been predictable to one of ordinary skill in the art, namely, one 
skilled in the art would have readily recognized a system and method of virtual 
provisioning. 

However, Gullotta et al., as modified by Muhlestein et al., does not explicitly 
teach a system and method of dynamically assigning an asset to one of a plurality of 
security domains based on a source of a request and determining, wherein each 
security domain corresponds to a different degree of security control. 

Steegmans discloses a system that uses domain managers to communicate 
service parameters to domain boundary controllers for managing special internet 
connections across domain boundaries comprising a method of dynamically assigning 
an asset to one of a plurality of security domains based on a source of a request and 
determining, wherein each security domain corresponds to a different degree of security 
control. 

[Steegmans, column 2, lines 39-44] It is also advantageous that the domain manager 
manages all the resources required by internet connections within the domain to which 
it is assigned. This permits the dynamic assignment of network resources to users, as 
well as the implementation of security checks and charge metering for these resources. 

[Steegmans, column 6, lines 29-34] Service quality in this sense can also constitute a 
special quality of security specified by the service parameters. For this purpose the 
domain boundary controllers 41 and 42 make available security functions which assure 
different security levels in the domain 22 for different internet connections in accordance 
with the service parameters. 



Gullotta et al., as modified by Muhlestein et al., discloses a prior art computer 
implemented method for dynamically provisioning computing resources, said method 
comprising: receiving a request for a computing resource, wherein said request is 
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associated with an asset; determining an asset classification of said asset, a business 
value of said asset, and a resource classification related to said asset, wherein said 
asset classification is at least one of: a public asset, a business confidential asset, a 
private asset, and a secret asset, wherein said business value of said asset is one of: a 
low value, a medium value, and a high value, and wherein said resource classification is 
one of: a trusted classification for internal entities and a non-trusted classification for 
external entities; and provisioning said computing resource based on said determining 
step; and encapsulating a virtual filer on a filer wherein each vfiler is assigned to a 
distinct domain upon which the claimed invention can be seen as an improvement. 

Steegmans teaches a prior art comparable system that uses domain managers 
to communicate service parameters to domain boundary controllers for managing 
special internet connections across domain boundaries comprising a method of 
dynamically assigning an asset to one of a plurality of security domains based on a 
source of a request and determining, wherein each security domain corresponds to a 
different degree of security control. 

Thus, the manner of enhancing a particular device (system that uses domain 
managers to communicate service parameters to domain boundary controllers for 
managing special internet connections across domain boundaries comprising a method 
of dynamically assigning an asset to one of a plurality of security domains based on a 
source of a request and determining, wherein each security domain corresponds to a 
different degree of security control) was made part of the ordinary capabilities of one 
skilled in the art based upon the teaching of such improvement in Steegmans. 
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Accordingly, one of ordinary skill in the art would have been capable of applying this 
known "improvement" technique in the same manner to the prior art computer 
implemented method for dynamically provisioning computing resources, said method 
comprising: receiving a request for a computing resource, wherein said request is 
associated with an asset; determining an asset classification of said asset, a business 
value of said asset, and a resource classification related to said asset, wherein said 
asset classification is at least one of: a public asset, a business confidential asset, a 
private asset, and a secret asset, wherein said business value of said asset is one of: a 
low value, a medium value, and a high value, and wherein said resource classification is 
one of: a trusted classification for internal entities and a non-trusted classification for 
external entities; and provisioning said computing resource based on said determining 
step; and encapsulating a virtual filer on a filer wherein each vfiler is assigned to a 
distinct domain of Gullotta et al., as modified by Muhlestein et al., and the results would 
have been predictable to one of ordinary skill in the art, namely, one skilled in the art 
would have readily recognized a system and method of domain boundary controllers. 

Consider claim 17. Gullotta et al., as modified by Muhlestein et al. and 
Steegmans, discloses a system configured to facilitate dynamically dynamic 
provisioning of computing resources (column 13 lines 5-18), said system comprising 
including a provisioning engine configured to: receive a request for a computing 
resource, wherein said request is associated with an asset, determine an asset 
classification, a business value of said asset, and a resource classification related to 
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said asset based upon input from a manager component, wherein said asset 
classification is at least one of: a public asset, a business confidential asset, a private 
asset, and a secret asset, wherein said business value of said asset is one of: a low 
value, a medium value, and a high value, and wherein said resource classification is 
one of: a trusted classification for internal entities and a non-trusted classification for 
external entities; and internal entities and a non-trusted classification for external 
entities; and provision said computing resource based on said determining step (column 
5 lines 13-35, column 18 lines 34-46, column 11 lines 24-52, and column 12 lines 34- 
53). 

Consider claim 9, as applied to claim 1. Gullotta et al., as modified by Muhlestein 
et al. and Steegmans, discloses a method comprising de-provisioning said computing 
resource (Gullotta et al., column 9 lines 47-54). 

Consider claim 10, as applied to claim 1. Gullotta et al., as modified by 
Muhlestein et al. and Steegmans, discloses a method comprising de-provisioning said 
computing resource when said computing resource is no longer needed by said asset 
(Gullotta et al., column 9 lines 47-54). 

Consider claim 13, as applied to claim 1. Gullotta et al., as modified by 
Muhlestein et al. and Steegmans, discloses a method comprising including defining 
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which processes may be suspended if said asset requires an additional computing 
resource (Gullotta et al., column 20 lines 23-31). 

Consider claim 22, as applied to claim 17. Gullotta et al., as modified by 
Muhlestein et al. and Steegmans, discloses a method comprising including a 
configuration manager instruction module (Gullotta et al., column 15 line 60 - column 16 
line 8) configured to identify which processes may be suspended if an asset requires 
additional computing resource (Gullotta et al., column 20 lines 23-31). 

Response to Arguments 

9. Applicant's arguments filed 27 August 2009 with respect to claims 1 and 16-17 
have been considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

10. Any response to this Office Action should be faxed to (571 ) 273-8300 or mailed 
to: 

Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 

Hand-delivered responses should be brought to 

Customer Service Window 

Randolph Building 
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401 Dulany Street 
Alexandria, VA 22314 

Any inquiry concerning this communication or earlier communications from the 

Examiner should be directed to Mark Fearer whose telephone number is (571) 270- 

1770. The Examiner can normally be reached on Monday-Thursday from 7:30am to 

5:00pm. 

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner's 
supervisor, Tonia Dollinger can be reached on (571) 272-4170. The fax phone number 
for the organization where this application or proceeding is assigned is (571 ) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free) or 571-272-4100. 

Any inquiry of a general nature or relating to the status of this application or 

proceeding should be directed to the receptionist/customer service whose telephone 

number is (571)272-2600. 

Mark Fearer 
/M.D.FV 

December 12, 2009 
/George C Neurauter, Jr./ 
Primary Examiner, Art Unit 2443 



